const path = require('path');
const md5 = require('js-md5');
const router = require('koa-router')();
const scripts = require('./scripts/account');

router.prefix('/api/account', '账号管理相关接口');

router.post('/create', async (ctx, next) => {
  let info = ctx.request.body || {};
  let rs = ctx.getResponse();

  if (!info.account) {
    rs.success = false;
    rs.message = '缺少账号！';
  } else if (!info.password) {
    rs.success = false;
    rs.message = '缺少密码！';
  } else if (info.password != info.confirmPassword) {
    rs.success = false;
    rs.message = '密码和确认密码不一致！';
  } else if (!info.userName) {
    rs.success = false;
    rs.message = '缺少用户名！';
  }

  if (!rs.success) {
    ctx.body = rs;

    return;
  }

  let sqlite = ctx.sqlite;
  let user = await sqlite.queryForObject(scripts.getUser, { account: info.account });

  if (!user.data) {
    rs = await sqlite.execute(scripts.createUser, {
      account: info.account,
      password: md5(info.password),
      userName: info.userName,
      email: info.email,
      status: 1,
      createdOn: rs.at
    });
  } else {
    rs.success = false;
    rs.message = '该账号已存在！';
  }

  ctx.body = rs;
}, {
  desc: '创建账号', body: {
    account: { type: 'string', desc: '账号' },
    password: { type: 'string', desc: '密码' },
    confirmPassword: { type: 'string', desc: '确认密码' },
    userName: { type: 'string', desc: '用户名' },
    email: { type: 'string', desc: '电子邮箱' }
  }
});

router.post('/login', async (ctx, next) => {
  let auth = ctx.request.body || {};
  let rs = ctx.getResponse();

  if (!auth.account) {
    rs.success = false;
    rs.message = '缺少账号！';
  } else if (!auth.password) {
    rs.success = false;
    rs.message = '缺少密码！';
  }

  if (!rs.success) {
    ctx.body = rs;

    return;
  }

  let sqlite = ctx.sqlite;
  let res = await sqlite.queryForObject(scripts.getUser, { account: auth.account });

  if (res.data) {
    if (res.data.Password != auth.password) {
      rs.success = false;
      rs.message = '密码错误！';
    } else if (res.data.Status != 1) {
      rs.success = false;
      rs.message = '该账号已失效！';
    }
  } else {
    rs.success = false;
    rs.message = '账号不存在！';
  }

  if (rs.success) {
    delete res.data['Password'];

    await sqlite.execute(scripts.recordLogIn, { id: res.data.Id, lastLogOn: res.at });

    rs.data = res.data;
  }

  ctx.body = rs;
}, {
  desc: '用户登录', body: {
    account: { type: 'string', desc: '账号' },
    password: { type: 'string', desc: '密码' }
  }
});

router.put('/changeStatus', async (ctx) => {
  let info = ctx.request.body || {};
  let rs = ctx.getResponse();

  if (!info.account) {
    rs.success = false;
    rs.message = '缺少账号！';
  } else if (!info.status) {
    rs.success = false;
    rs.message = '缺少新的状态！';
  }

  if (!rs.success) {
    ctx.body = rs;

    return;
  }

  let sqlite = ctx.sqlite;
  let res = await sqlite.queryForObject(scripts.getUser, { account: info.account });

  if (!res.data) {
    rs.success = false;
    rs.message = '账号不存在！';
  }

  if (rs.success) {
    await sqlite.execute(scripts.changeStatus, { id: res.data.Id, status: info.status });
  }

  ctx.body = rs;
}, {
  desc: '修改用户状态', body: {
    account: { type: 'string', desc: '账号' },
    status: { type: 'integer', desc: '修改后的状态' }
  }
});

router.post('/changePassword', async (ctx, next) => {
  let info = ctx.request.body || {};
  let rs = ctx.getResponse();

  if (!info.account) {
    rs.success = false;
    rs.message = '缺少账号！';
  } else if (!info.oldPassword) {
    rs.success = false;
    rs.message = '缺少旧密码！';
  }
  else if (!info.newPassword) {
    rs.success = false;
    rs.message = '缺少新密码！';
  } else if (info.newPassword != info.confirmPassword) {
    rs.success = false;
    rs.message = '新密码和确认密码不一致！';
  }

  if (!rs.success) {
    ctx.body = rs;

    return;
  }

  let sqlite = ctx.sqlite;
  let res = await sqlite.queryForObject(scripts.getUser, { account: info.account });

  if (res.data) {
    if (res.data.Password != info.oldPassword) {
      rs.success = false;
      rs.message = '旧密码错误！';
    } else if (res.data.Status != 1) {
      rs.success = false;
      rs.message = '该账号已失效！';
    }
  } else {
    rs.success = false;
    rs.message = '账号不存在！';
  }

  if (rs.success) {
    await sqlite.execute(scripts.changePassword, { id: res.data.Id, password: md5(info.newPassword) });
  }

  ctx.body = rs;
}, {
  desc: '修改密码', body: {
    account: { type: 'string', desc: '账号' },
    oldPassword: { type: 'string', desc: '旧密码' },
    newPassword: { type: 'string', desc: '新密码' },
    confirmPassword: { type: 'string', desc: '确认密码' }
  }
});

router.put('/update', async (ctx, next) => {
  let info = ctx.request.body || {};
  let rs = ctx.getResponse();

  if (!info.id) {
    rs.success = false;
    rs.message = '请提供编号！';
  }
  else if (!info.userName) {
    rs.success = false;
    rs.message = '请提供用户名！';
  }

  if (!rs.success) {
    ctx.body = rs;

    return;
  }

  await ctx.sqlite.execute(scripts.updateUserInfo, info);

  ctx.body = rs;
}, {
  desc: '修改用户信息', body: {
    id: { type: 'integer', desc: '编号' },
    userName: { type: 'string', desc: '用户名' },
    email: { type: 'string', desc: '邮箱' }
  }
});

router.delete('/:userId', async (ctx) => {
  let userId = ctx.params.userId;

  let canRemove = await ctx.sqlite.queryForObject(scripts.checkUserCanRemove, { userId });

  if (canRemove.data && canRemove.data.Enabled == 1) {
    ctx.body = ctx.getResponse('超级管理员不能直接删除！');

    return;
  }

  ctx.body = await ctx.sqlite.execute(scripts.removeUser, { userId });
}, { desc: '删除用户', userId: '用户编号' });

module.exports = router;